| Yubico Forum https://forum.yubico.com/ |
|
| Deploying an php validation server https://forum.yubico.com/viewtopic.php?f=5&t=846 |
Page 2 of 2 |
| Author: | soldier24 [ Wed Aug 15, 2012 10:24 pm ] |
| Post subject: | Re: Deploying an php validation server |
I have "clients" changed to "val_clients". I fount multiple yubikeys values. (But I do not see what is and what is not of the database) If I change them all I get: Quote: Fatal error: Call to undefined function curl_multi_init() in C:\xampp\htdocs\yubico\validation\ykval-common.php on line 114 and if I use a used otp I get: Quote: h=h46iubJ98aR4NMlc54DDOORq1yk= t=2012-08-15T21:22:17Z0035 status=REPLAYED_OTP So that detects correctly if I change nothing of the yubikeys values I get. Quote: h=M5HXtZwNrgda9/8yMez2Yt0yMnY= t=2012-08-15T21:21:19Z0170 status=BACKEND_ERROR
|
|
| Author: | Klas [ Thu Aug 16, 2012 6:52 am ] |
| Post subject: | Re: Deploying an php validation server |
You should change all places in ykval-synclib where it says yubikeys in quotes. The error about curl_multi_init means you don't have the php curl module installed. It's not really needed when you just have one server and noone to sync with, but the code doesn't know about that. /klas |
|
| Author: | soldier24 [ Thu Aug 16, 2012 3:42 pm ] |
| Post subject: | Re: Deploying an php validation server |
I checked my php configuration and I saw the curl module was installed but was turned off. This I finally turned and he works.  had 1 single thing to change in the config to: $baseParams['__YKVAL_SYNC_POOL__'] = array(); was first $baseParams['__YKVAL_SYNC_POOL__'] = array(""); there was a quote I forgot to remove.  and finally it works and I'm glad that it works. Thank you very much for your help!
|
|
| Author: | abatie [ Wed Jan 30, 2013 2:41 am ] |
| Post subject: | Re: Deploying an php validation server |
Things are nearly working: the ksm returns something that looks good, and the verify runs, but comlains "NOT_ENOUGH_ANSWERS" and /var/log/messages says: Jan 29 17:36:05 ydb ykval[22607]: LOG_INFO:ykval-queue:synclib:server=http://ydb.peak.org/wsapi/2.0/sync, server_nonce=965f1784df8cb5f769022216560687ca, info=yk_publicname=vvhbtfcndfgv&yk_counter=1&yk_use=13&yk_high=100&yk_low=28704&nonce=b7328dd9e35ba9d49e6245eb500add0a,local_counter=1&local_use=12 Jan 29 17:36:05 ydb ykval[22607]: LOG_ERR:ykval-queue:synclib:Remote server refused our sync request. Check remote server logs. ksm and validation are both on the same server and there aren't any obvious "remote server logs" to check...ykval-queue.log just says: [Jan 29 17:35:25] notice: starting ykval-queue daemon, output in: /var/log/ykval-queue.log |
|
| Author: | Klas [ Wed Jan 30, 2013 10:59 am ] |
| Post subject: | Re: Deploying an php validation server |
Almost there.. =) If you've only got one validation server you want to make sure the config parameter __YKVAL_SYNC_POOL__ is empty and that __YKVAL_SYNC_DEFAULT_LEVEL__ is 0. What's happening is that your validation server tries to sync with another server and fails. As default sync level is measure in percent it doesn't get up to required level of syncronization and sends an error to the user. /klas |
|
| Author: | abatie [ Wed Jan 30, 2013 8:36 pm ] |
| Post subject: | Re: Deploying an php validation server |
Do I even need to run ykval-queue? |
|
| Author: | abatie [ Wed Jan 30, 2013 8:42 pm ] |
| Post subject: | Re: Deploying an php validation server |
That did it, thanks! And it doesn't appear that ykval-queue is needed... |
|
| Author: | Klas [ Thu Jan 31, 2013 8:16 am ] |
| Post subject: | Re: Deploying an php validation server |
No, ykval-queue is only needed if you have several validation servers to keep in sync. /klas |
|
| Page 2 of 2 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|